Create DNAT port forwarding rules from easy-to-read YAML files.
Project description
ez_port_forward
Create DNAT port forwarding rules from easy-to-read YAML files.
Are you tired of always having to look up the iptables command every couple of months to change a single port forwarding on your proxmox/hypervisor because a friend asks you to make a new container for that very popular new game?
Here is the solution:
A YAML-powered port forwarding tool, that does all that for you.
You simply need to change some numbers in the very readable and easy-to-understand config file. The script then converts that to 100% valid iptables commands.
Has shortcut notation for multiple ports and ssh ports, and can do different input and output ports.
Checks port collisions and validity.
Installation:
pip install ez_port_forward
Installs a command ez-port-forward and its shorthand ezpf.
Usage:
-
ez-port-forward:
Looks in the current dir for a file namedport_config.yamland writes the results to/etc/network/interfaces.d/port_forwards.
WILL REPLACE THE FILE WITHOUT ASKING! -
ez-port-forward /path/to/my/port_config.yaml:
Uses given input file and writes results to/etc/network/interfaces.d/port_forwards.
WILL REPLACE FILE WITHOUT ASKING! -
ez-port-forward -o /target/path/port_forwards:
Looks in the current dir for a file namedport_config.yamland writes the results to the given output file.
WILL REPLACE THE FILE WITHOUT ASKING! -
ez-port-forward /path/to/my/port_config.yaml -o /target/path/port_forwards:
Uses the given input file and writes the results to the given output file.
WILL REPLACE THE FILE WITHOUT ASKING!
Same usage for the ezpf shorthand.
Requirements:
Python >= 3.9
PyYAML
Make sure your /etc/network/interfaces config contains the line
source /etc/network/interfaces.d/*.
Tested on Proxmox.
Example:
# the name of the bridge
vmbr0:
# the interface the bridge is connected to
bridge: eno1
# the ip range of your subnet you want to make port forwards in
# container ID are used as last octet for the ip
subnet: 10.0.0.0/24
# this section contains all the forwarding magic
forwards:
# this forwards to the container with id 101 and ip 10.0.0.101
101:
# forwards external port 10122 to internal port 22
ssh: true
# forwards multiple external ports to identical internal ports for tcp udp and both
tcp: 123,345,567
udp: 888,999
tcpudp: 111,222
102:
# maps external ports 321,345,765 to internal ports 123,345,567
tcp:
321: 123
345: 345 # will notice this port collision with 101 and mark the line in the output as comment
765: 567
201: # this is equivalent to below
ssh:
202:
tcp:
20222: 22
233:
# use port 23 for ssh shorthand, forwards 23323 to 23
ssh: 23
Result:
iface vmbr0 inet static
#--- Container 101
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 10122 -j DNAT --to 10.0.0.101:22
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 123 -j DNAT --to 10.0.0.101:123
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 345 -j DNAT --to 10.0.0.101:345
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 567 -j DNAT --to 10.0.0.101:567
post-up iptables -t nat -A PREROUTING -i eno1 -p udp --dport 888 -j DNAT --to 10.0.0.101:888
post-up iptables -t nat -A PREROUTING -i eno1 -p udp --dport 999 -j DNAT --to 10.0.0.101:999
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 111 -j DNAT --to 10.0.0.101:111
post-up iptables -t nat -A PREROUTING -i eno1 -p udp --dport 111 -j DNAT --to 10.0.0.101:111
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 222 -j DNAT --to 10.0.0.101:222
post-up iptables -t nat -A PREROUTING -i eno1 -p udp --dport 222 -j DNAT --to 10.0.0.101:222
#---
#--- Container 102
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 321 -j DNAT --to 10.0.0.102:123
# post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 345 -j DNAT --to 10.0.0.102:345
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 765 -j DNAT --to 10.0.0.102:567
#---
#--- Container 201
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 20122 -j DNAT --to 10.0.0.201:22
#---
#--- Container 202
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 20222 -j DNAT --to 10.0.0.202:22
#---
#--- Container 233
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 23323 -j DNAT --to 10.0.0.233:23
#---
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file ez_port_forward-0.2.0.tar.gz.
File metadata
- Download URL: ez_port_forward-0.2.0.tar.gz
- Upload date:
- Size: 21.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 4acdadf005c7660b2855c5d317d78e3cb9677abf94b2e9ab4138d958d1e7a012 |
|
| MD5 | 87f664e386cec927e6dee8da55898db9 |
|
| BLAKE2b-256 | b8547943e55158c3bad5caaa240e2536c1184a13fcf3c9efd4530b00cab1aa98 |
File details
Details for the file ez_port_forward-0.2.0-py3-none-any.whl.
File metadata
- Download URL: ez_port_forward-0.2.0-py3-none-any.whl
- Upload date:
- Size: 18.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | eccac0af92aa9e7c58b6c5272ecf60934748fe1977cd4ddfe4a199d242337fbc |
|
| MD5 | 65a411ba8375ae593a7448ae3d8cb79b |
|
| BLAKE2b-256 | c8b67c5e75461456054dc7f10af9b4c37bf0f25e5ca8f60988cd64a8e8161dd7 |
